I am in the process of setting up a test instance of Qlik Sense and SAML Authentication via Azure's AD.
I found the link - https://www.qlikcommunity.org/thread/218515 and I followed it to setup the Virtual Proxy and the web application in my Azure Portal but I am having an issue when I browse out to the application link.
I get an error message when i try to browse out to the Qlik Sense Site through the virtual proxy i created.
Additional technical information:
Correlation ID: 8db078de-f4a9-48bd-a175-61b2492d8d26
Timestamp: 2016-11-21 16:30:07Z
AADSTS70001: Application with identifier 'https://qliksaml.company.com/azure' was not found in the directory f8861847-f1ec-450b-a162-cfc470073a20
I was wondering if anyone could possibly review the settings I have defined in the Qlik Sense Virtual Proxy to see if they are right, the only thing i took out was the company name... and changed it to company
Session inactivy timeout: 30
Session cookiename: X-Qlik-Session-Azure
Anonymous access mode: No anonymous user
Authentication method: SAML
SAML Host URI: https://qliksaml.company.com/
SAML Entity Id: https://qliksaml.company.com/azure
SAML IdP Metadata: in the XML file
SAML attribute for user ID: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
SAML attribute for user directory: [Azure]
SAML signing algorithm: SHA-1
Now what I am unsure of is do we need to map out any attributes further?
I mapped out these attributes
SAML Attribute - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn to QLIK Sense Attribute user
SAML Attribute - http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailadderess to QLIK Sense Attribute email
They are both not set as mandatory.
Is this an issue with Azure AD or Qlik Sense? I would really appreciate some help with this.